OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 17.7 Legacy Series »
  • IPSec transport won't pass traffic - charon: 07[KNL] received invalid PF_ROUTE
« previous next »
  • Print
Pages: [1]

Author Topic: IPSec transport won't pass traffic - charon: 07[KNL] received invalid PF_ROUTE  (Read 2180 times)

obrienmd

  • Newbie
  • *
  • Posts: 13
  • Karma: 1
    • View Profile
IPSec transport won't pass traffic - charon: 07[KNL] received invalid PF_ROUTE
« on: October 11, 2017, 01:02:28 am »
After struggling with zerotier performance, I'm getting back into running routing protocols over GRE, with IPSec in transport mode. I have a pair on 17.7 (no point upgrades) seemingly working fine, but with my boxes on the current 17.7.5 point release, with the same configs, I have a few pairs that get good SAs, SPs, but cannot pass any traffic and show the following in the log whenever a packet tries to go out:

Code: [Select]
charon: 07[KNL] received invalid PF_ROUTE messageSearching for this ^ returns only a reference to the strongswan source code :)

When I ping one WAN IP from another (leaving GRE out entirely), I get:
Code: [Select]
ping: sendto: Permission denied
Does anyone have IPSec transport mode working on 17.7.5?
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 17.7 Legacy Series »
  • IPSec transport won't pass traffic - charon: 07[KNL] received invalid PF_ROUTE
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2